Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/df99d3-5028-4361-b795-3af4a9463b77/1/i3uS1vOEnzVWVUGNpaDdeRDIEsc.roa
File:                     i3uS1vOEnzVWVUGNpaDdeRDIEsc.roa (raw, json)
Hash identifier:          hiCaHskbsCgv8nQEHi/iVMye8srWKprh7aA1JH5s930=
Subject key identifier:   8B:7B:92:D6:F3:84:9F:35:56:55:41:8D:A5:A0:DD:79:10:C8:12:C7
Certificate issuer:       /CN=0efd1cad121902755089e3ca80ba6d7ccc4b9b71
Certificate serial:       01856FF93E74F6709D1A0ECF469596DA9B0F
Authority key identifier: 0E:FD:1C:AD:12:19:02:75:50:89:E3:CA:80:BA:6D:7C:CC:4B:9B:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dv0crRIZAnVQiePKgLptfMxLm3E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/df99d3-5028-4361-b795-3af4a9463b77/1/i3uS1vOEnzVWVUGNpaDdeRDIEsc.roa
Signing time:             Mon 02 Jan 2023 00:54:43 +0000
ROA not before:           Mon 02 Jan 2023 00:54:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212488
IP address blocks:        2001:67c:3f8::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:30:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f9:3e:74:f6:70:9d:1a:0e:cf:46:95:96:da:9b:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0efd1cad121902755089e3ca80ba6d7ccc4b9b71
        Validity
            Not Before: Jan  2 00:54:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8b7b92d6f3849f355655418da5a0dd7910c812c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:32:5e:a4:f6:53:78:2b:cf:5b:fb:21:de:03:
                    b5:10:fa:0a:e9:32:45:fd:0f:f5:d3:30:b4:77:66:
                    2b:3c:6d:20:b8:0b:c1:bb:65:07:c3:5c:3b:49:32:
                    8e:79:6e:90:b5:d1:48:bc:9f:ab:1d:bb:81:fc:a2:
                    67:75:9e:d4:dd:18:df:ff:c3:e5:ac:a8:a7:18:39:
                    b3:35:e9:25:28:f5:09:5c:14:66:9a:9f:ff:b1:8d:
                    51:87:46:3b:ad:96:d4:92:eb:41:52:df:c6:e9:37:
                    4b:89:9c:89:a3:ae:de:b8:52:13:81:54:aa:9e:7e:
                    92:c1:2b:03:21:e1:e8:9e:93:18:b9:20:d6:ab:b1:
                    7b:90:66:ad:2a:67:3f:7a:d4:76:ce:f4:ca:c0:92:
                    54:4e:94:21:9c:38:95:dc:de:39:7d:bf:54:1e:86:
                    af:d0:9c:1b:d8:0a:a1:3f:d7:be:2c:72:09:b0:11:
                    57:21:f7:dc:49:bf:8f:3a:c0:4f:d3:7e:a9:08:de:
                    92:17:b6:ea:3e:b6:65:ae:95:f4:27:6a:2a:55:54:
                    63:78:64:00:56:6d:42:40:55:ad:16:ee:26:56:1e:
                    5c:5a:87:24:1d:a4:7c:a2:72:af:f3:5a:bf:ba:0d:
                    98:c3:f2:9e:6e:be:db:50:80:99:b1:8d:49:71:33:
                    f6:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:7B:92:D6:F3:84:9F:35:56:55:41:8D:A5:A0:DD:79:10:C8:12:C7
            X509v3 Authority Key Identifier:
                keyid:0E:FD:1C:AD:12:19:02:75:50:89:E3:CA:80:BA:6D:7C:CC:4B:9B:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dv0crRIZAnVQiePKgLptfMxLm3E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/df99d3-5028-4361-b795-3af4a9463b77/1/i3uS1vOEnzVWVUGNpaDdeRDIEsc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/df99d3-5028-4361-b795-3af4a9463b77/1/Dv0crRIZAnVQiePKgLptfMxLm3E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:3f8::/48

    Signature Algorithm: sha256WithRSAEncryption
         64:db:a2:ea:36:e7:fa:0a:54:86:af:91:7e:b7:df:ec:83:1a:
         c8:b8:f2:32:83:c5:40:b7:6c:ea:15:5b:93:85:68:bc:4c:f7:
         0b:4a:c6:ea:04:75:a6:c8:c2:84:35:54:43:c4:f2:a8:80:40:
         d4:68:26:54:8a:12:7c:c2:1a:90:83:ce:15:fa:fa:30:28:e8:
         dc:6c:af:f6:2e:fe:bc:07:97:b8:12:5a:08:ab:0c:8a:c9:4f:
         fe:33:5a:43:a3:82:b1:fd:e1:4e:64:c7:f6:90:6f:81:08:f8:
         55:25:57:65:1c:d2:3a:d9:69:f7:0f:d7:f0:51:42:de:25:31:
         2c:ea:61:c3:88:cb:fc:43:13:41:bb:79:ec:db:49:cc:8d:93:
         e5:5a:84:b6:b8:4e:ae:b8:cf:4f:7a:c0:00:5b:5c:bc:69:12:
         ca:9a:fc:40:14:db:a1:4d:ad:68:ae:7f:ce:2f:83:4e:da:d3:
         2a:67:45:65:d4:21:88:c9:47:0c:a3:89:b7:6d:5c:bd:65:07:
         55:4e:fb:2c:76:b9:0f:1e:09:27:88:7e:c4:a1:4a:ab:f8:f0:
         22:94:30:d6:fd:5d:3c:0e:db:53:b4:77:d6:5b:11:ed:a1:17:
         b5:49:e1:f7:fc:04:76:4d:da:a9:c6:55:96:d9:58:5b:15:f3:
         74:b8:92:a6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVv+T509nCdGg7PRpWW2psPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZmQxY2FkMTIxOTAyNzU1MDg5ZTNjYTgwYmE2ZDdjY2M0
YjliNzEwHhcNMjMwMTAyMDA1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjdiOTJkNmYzODQ5ZjM1NTY1NTQxOGRhNWEwZGQ3OTEwYzgxMmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzJepPZTeCvPW/sh3gO1EPoK6TJF
/Q/10zC0d2YrPG0guAvBu2UHw1w7STKOeW6QtdFIvJ+rHbuB/KJndZ7U3Rjf/8Pl
rKinGDmzNeklKPUJXBRmmp//sY1Rh0Y7rZbUkutBUt/G6TdLiZyJo67euFITgVSq
nn6SwSsDIeHonpMYuSDWq7F7kGatKmc/etR2zvTKwJJUTpQhnDiV3N45fb9UHoav
0Jwb2AqhP9e+LHIJsBFXIffcSb+POsBP036pCN6SF7bqPrZlrpX0J2oqVVRjeGQA
Vm1CQFWtFu4mVh5cWockHaR8onKv81q/ug2Yw/Kebr7bUICZsY1JcTP2rQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIt7ktbzhJ81VlVBjaWg3XkQyBLHMB8GA1UdIwQY
MBaAFA79HK0SGQJ1UInjyoC6bXzMS5txMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHYwY3JSSVpBblZRaWVQS2dMcHRmTXhMbTNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9kZjk5ZDMtNTAyOC00MzYxLWI3OTUt
M2FmNGE5NDYzYjc3LzEvaTN1UzF2T0VuelZXVlVHTnBhRGRlUkRJRXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9kZjk5ZDMtNTAyOC00MzYxLWI3OTUtM2FmNGE5NDYzYjc3
LzEvRHYwY3JSSVpBblZRaWVQS2dMcHRmTXhMbTNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAP4
MA0GCSqGSIb3DQEBCwUAA4IBAQBk26LqNuf6ClSGr5F+t9/sgxrIuPIyg8VAt2zq
FVuThWi8TPcLSsbqBHWmyMKENVRDxPKogEDUaCZUihJ8whqQg84V+vowKOjcbK/2
Lv68B5e4EloIqwyKyU/+M1pDo4Kx/eFOZMf2kG+BCPhVJVdlHNI62Wn3D9fwUULe
JTEs6mHDiMv8QxNBu3ns20nMjZPlWoS2uE6uuM9PesAAW1y8aRLKmvxAFNuhTa1o
rn/OL4NO2tMqZ0Vl1CGIyUcMo4m3bVy9ZQdVTvssdrkPHgkniH7EoUqr+PAilDDW
/V08DttTtHfWWxHtoRe1SeH3/AR2TdqpxlWW2VhbFfN0uJKm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:53 2024 by rpki-client on console-fra.rpki-client.org